[Openvas-discuss] Not scanning machines which don't respond to pings
michael.meyer at greenbone.net
Sat Aug 11 15:51:21 CEST 2012
*** Reindl Harald wrote:
> Am 11.08.2012 14:17, schrieb Michael Meyer:
> >> "Security By Obscurity" is not a good security
> >> but it is a dmaned good ADDITIONAL security for still hardened machines
> > No. It implies no safety gain
> you really try to explain me that there is no difference between
> hide what webserver type you are running instead blowing out
> Server: Apache/2.2.16 (Debian) PHP/5.3.3-7+squeeze6 with Suhosin-Patch mod_python/3.3.1 Python/2.6.6 mod_ssl/2.2.16
> X-Powered-By: PHP/5.3.3-7+squeeze6
> with each single response?
> this is nonsense!
To believe that this increased security is just wrong. Hiding the
banner doesn't make a webserver (or other services) more secure.
Michael Meyer OpenPGP Key: 52A6EFA6
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
More information about the Openvas-discuss